Python script to crack MD5 hash using dictionary attack (2)

Continuing from the previous post, we now use Python to crack an MD5 hash with a dictionary attack.

#!/usr/bin/python
import sys, re, hashlib

# Check hash length
def chklength(hashes):
    if len(hashes) != 32:
        print "[-] Improper length for md5 hash."
        sys.exit(1)

# Attempts to crack hash against any given wordlist.
def dict_attack():
    hashes = raw_input('\nPlease specify hash value: ')
    chklength(hashes)

    wordlist = raw_input('\nPlease specify wordlist path: ')
    try:
        words = open(wordlist, "r")
    except(IOError):
        print "[-] Error: Check your wordlist path.\n"
        sys.exit(1)

    words = words.readlines()
    print "\n",len(words),"words loaded..."
    for word in words:
        # word[:-1] drops the trailing newline before hashing
        hash = hashlib.md5(word[:-1])
        value = hash.hexdigest()
        if hashes == value:
            print "[+] Password is:"+word,"\n"
            sys.exit(0)

# Menu: runs when the script is executed
print('\n1 - Dictionary Attack')
print('2 - Exit')
selection = raw_input('\nSelect an option from above: ')
sys.stdout.flush()

if selection == "1":
    dict_attack()
    pass

elif selection == "2":
    sys.exit(0)

There are three functions in this script:
(1) chklength
(2) dict_attack
(3) main function

We will go through them in reverse order to understand the script.

(1) Main function :- When you execute the script, the first two lines display a menu on screen, and the script then asks the user to choose an option.
print('\n1 - Dictionary Attack')
print('2 - Exit')

The user's choice is saved in the variable selection.
If selection is 1, the script calls the function dict_attack(); if selection is 2, it terminates the script.

(2) dict_attack :-
hashes = raw_input('\nPlease specify hash value: ') :- Asks the user to enter the MD5 hash and saves it in the variable hashes.

chklength(hashes) :- Calls the function chklength with hashes as its argument. chklength checks the length of the MD5 hash: an MD5 hash is 32 characters long, so if the value entered is not 32 characters long, it prints "Improper length for md5 hash" and exits the script.

wordlist = raw_input('\nPlease specify wordlist path: ') :- Asks for the path of the wordlist file and saves the string in the variable wordlist.

words = open(wordlist, "r") :- Opens the file in read-only mode.

    except(IOError):
        print "[-] Error: Check your wordlist path.\n"
        sys.exit(1)

The part above means that if we enter a wrong path, the script prints an error message and stops.

words = words.readlines() :- Reads the dictionary file into a list of lines.

print "\n",len(words),"words loaded..." :- Prints the number of lines in the dictionary file on screen.

    for word in words:
        hash = hashlib.md5(word[:-1])
        value = hash.hexdigest()

The part above takes each word from the wordlist in turn, drops its last character (the trailing newline) with word[:-1], calculates the MD5 hash, and saves its hexadecimal digest in the variable value.

If the calculated value and the entered value are the same, the script prints "Password is:" followed by the word and exits; otherwise the for loop continues with the next word until the dictionary file is exhausted.


Usage of script:-

chmod +x script_name.py

./script_name.py

Python script to crack MD5 hash using dictionary attack (1)

Today we are going to learn how to write a script to crack an MD5 hash. MD5 is a message-digest algorithm. In most databases, passwords are stored as MD5 hashes, so if the database is compromised the attacker does not get the clear-text passwords; what he gets is a one-way hash, which cannot be decrypted but can be cracked.
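The storage-side counterpart to the paragraph above, as an added example (Python 3, not part of the original post): it contrasts the unsalted MD5 scheme the post describes with a per-user salted PBKDF2 hash and a constant-time verifier. The record format, function names and iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this illustration; tune per policy
SALT_BYTES = 16

def md5_unsalted(password):
    """The scheme the post describes: one fast, unsalted MD5 per password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return 'pbkdf2_sha256$iterations$salt_hex$hash_hex' using a random salt."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), digest.hex())

def verify_password(password, stored):
    """Recompute with the stored salt and cost, then compare in constant time."""
    try:
        scheme, iterations, salt_hex, hash_hex = stored.split("$")
        iterations = int(iterations)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256" or iterations < 1:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(digest, expected)

def compare_schemes(password):
    """Two users pick the same password: do their stored values match?"""
    md5_same = md5_unsalted(password) == md5_unsalted(password)
    kdf_same = hash_password(password) == hash_password(password)
    return md5_same, kdf_same

if __name__ == "__main__":
    # Constructed sample password, for demonstration only.
    print(compare_schemes("password"))
```

With unsalted MD5, one dictionary pass tests every stored hash at once; with a per-user salt and a slow key-derivation function, each guess must be recomputed for each user at the configured cost.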

We are going to look at a shell script as well as a Python script to crack MD5 using a dictionary attack, but please don't use the shell script to crack MD5 hashes, because it takes too much time and more CPU resources compared to the Python script. The shell script is just for understanding.

#!/usr/bin/env bash
echo "please enter MD5 hash"
read value
cat dictionary.txt | while read line1
do
    # md5sum prints "<hash>  -"; keep only the 32 hex characters
    cal=$(echo -n "$line1" | md5sum | cut -c 1-32)
    if [ "$cal" == "$value" ]; then
        echo "hash cracked password is $line1"
        exit 1
    fi
    echo "trying $line1"
done


Don't use it to crack passwords, because it takes too many resources and too much time.

In the next script we will use Python to crack MD5; it is much faster than the shell script.

Zip file password cracker python script

Today we will look at a Python script that cracks the password of a specific zip file with a dictionary attack. Python has a built-in module for zip files, zipfile, which we import at the start of the script; then we import optparse, which lets the user specify the zip file and the dictionary file. Then we import Thread from threading, which allows several passwords from the dictionary to be tested simultaneously.

#!/usr/bin/python
import zipfile
import optparse
from threading import Thread

# Try one password; a wrong password raises an exception, which is ignored
def extractFile(zFile, password):
    try:
        zFile.extractall(pwd=password)
        print '[+] Found password ' + password + '\n'
    except:
        pass

def main():
    parser = optparse.OptionParser("usage %prog "+\
        "-f -d ")
    parser.add_option('-f', dest='zname', type='string',\
        help='specify zip file')
    parser.add_option('-d', dest='dname', type='string',\
        help='specify dictionary file')
    (options, args) = parser.parse_args()
    if (options.zname == None) | (options.dname == None):
        print parser.usage
        exit(0)
    else:
        zname = options.zname
        dname = options.dname

    zFile = zipfile.ZipFile(zname)
    passFile = open(dname)

    # One thread per dictionary word
    for line in passFile.readlines():
        password = line.strip('\n')
        t = Thread(target=extractFile, args=(zFile, password))
        t.start()

if __name__ == '__main__':
    main()

As usual there are two functions: (1) main (2) extractFile

(1) main() :-
parser = optparse.OptionParser("usage %prog "+\ "-f -d ")
The line above sets the usage message displayed on the terminal.

parser.add_option('-f', dest='zname', type='string',\ help='specify zip file')
A command-line option to specify the zip file name, so when we execute the script we have to provide -f before the zip file name.

parser.add_option('-d', dest='dname', type='string',\ help='specify dictionary file')
A command-line option to specify the dictionary file, so when we execute the script we have to provide -d before the dictionary file name.

After that there is an if statement which checks whether the zip file name or the dictionary file name is missing; if so, it prints the usage message and exits. If both the zip file name and the dictionary file name were given, it saves them in the variables zname and dname.

zFile = zipfile.ZipFile(zname) :- Instantiates a new ZipFile object by specifying the file name of the password-protected zip file.

passFile = open(dname) :- Opens the dictionary file and saves the file object in passFile.

for line in passFile.readlines(): This loop runs once for each word in the dictionary file.
Each line read from the dictionary file is saved in line; the trailing newline is then stripped and the resulting word is saved in password.

Now we call the extractFile function in a new thread for that password.

(2) extractFile(zFile, password):
zFile.extractall(pwd=password) :- Extracts the zip file using the password from the variable password, which comes from the for loop and is at first the first word of the dictionary file. If the password is correct, it prints "Found password" followed by the password.

If the password is wrong, extractall raises an exception, which the except block silently ignores. The for loop in the main function then runs again, and the password is now the second word of the dictionary file.


Usage:-
chmod +x script_name
./script_name -f zip_file_name -d dictionary_file_name

Python Script to crack Unix Hash

Here is a Python script to crack a Unix hash using a dictionary attack. First, understand what a line of the hash file looks like.
victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh

We are only interested in the first two fields of the string. Here victim is the username and HX9LLTdc/jiDE is the hashed password.
The first two characters of the hashed password are the salt; in our case HX is the salt that was added to the hash.
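To audit the same file format from the defender's side, the following added example (Python 3, not part of the original post) classifies the hash field of each passwd-style line by scheme and flags legacy ones such as the 13-character DES crypt hash shown above. It goes beyond the post by also recognising the modular `$id$` prefixes; every entry except the post's victim line is a constructed placeholder, and the function names are assumptions.

```python
import string

DES_ALPHABET = set(string.ascii_letters + string.digits + "./")

# crypt(3) modular-format prefixes: (prefix, scheme name, legacy?)
PREFIXES = [
    ("$1$", "md5crypt", True),
    ("$2a$", "bcrypt", False), ("$2b$", "bcrypt", False), ("$2y$", "bcrypt", False),
    ("$5$", "sha256crypt", False),
    ("$6$", "sha512crypt", False),
    ("$y$", "yescrypt", False),
]

def classify(field):
    """Return (scheme, flagged) for the second field of a passwd/shadow line."""
    field = field.strip()  # the post's sample has spaces after each colon
    if field == "":
        return ("empty", True)  # no password set at all
    if field == "x" or field[0] in "!*":
        return ("shadowed-or-locked", False)
    for prefix, name, legacy in PREFIXES:
        if field.startswith(prefix):
            return (name, legacy)
    # Traditional DES crypt: 2 salt characters + 11 hash characters
    if len(field) == 13 and set(field) <= DES_ALPHABET:
        return ("descrypt", True)
    return ("unknown", False)

def audit(lines):
    """Return [(user, scheme, flagged)] for every colon-separated line."""
    findings = []
    for line in lines:
        fields = line.rstrip("\n").split(":")
        if len(fields) < 2:
            continue
        scheme, flagged = classify(fields[1])
        findings.append((fields[0].strip(), scheme, flagged))
    return findings

SAMPLE = [
    "victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh",  # from the post
    "alice:$6$EXAMPLESALT$EXAMPLEHASH:1001:1001::/home/alice:/bin/sh",  # constructed
    "bob:$1$EXAMPLESALT$EXAMPLEHASH:1002:1002::/home/bob:/bin/sh",      # constructed
    "root:x:0:0:root:/root:/bin/sh",                                    # constructed
]

if __name__ == "__main__":
    for user, scheme, flagged in audit(SAMPLE):
        print("%-8s %-20s %s" % (user, scheme, "MIGRATE" if flagged else "ok"))
```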

Python has a crypt module that generates a Unix hash for a given salt.

As you can see, we calculate the Unix hash from the given plain-text password and salt.

#!/usr/bin/python
# -*- coding: utf-8 -*-
import crypt

# Hash every dictionary word with the salt taken from the stored hash
def testPass(cryptPass):
    salt = cryptPass[0:2]
    dictFile = open('dictionary.txt', 'r')
    for word in dictFile.readlines():
        word = word.strip('\n')
        cryptWord = crypt.crypt(word, salt)
        if cryptWord == cryptPass:
            print '[+] Found Password: ' + word + '\n'
            return
    print '[-] Password Not Found.\n'
    return

def main():
    passFile = open('passwords.txt')
    for line in passFile.readlines():
        if ':' in line:
            # Field 0 is the username, field 1 the hashed password
            user = line.split(':')[0]
            cryptPass = line.split(':')[1].strip(' ')
            print '[*] Cracking Password For: ' + user
            testPass(cryptPass)

if __name__ == '__main__':
    main()

(1) There should be a password hash file named passwords.txt in the same folder as the script.

(2) There should be a dictionary file named dictionary.txt in the same folder as the script.

(1) main function :-

passFile = open('passwords.txt') :- Opens the password file.

for line in passFile.readlines(): :- Iterates over the lines in the file. This is needed when there is more than one user entry in the password file; for now we assume there is only one entry, so we can ignore it.

if ':' in line: :- If a : is present in the line, the following statements are executed.

user = line.split(':')[0] :-

line.split(':')[0] :- Splits the string at the delimiter : and takes the first field.

For example, our string is as follows:

victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh

It is then separated at the delimiter :

So line.split(':')[0] becomes victim, line.split(':')[1] becomes HX9LLTdc/jiDE (with a leading space), and so on.

Now we save the value of line.split(':')[0] in the variable user.

cryptPass = line.split(':')[1].strip(' ') :- As mentioned previously, this extracts the hash from the string; strip(' ') removes the surrounding spaces, and the result is saved in the variable cryptPass.

So far we have only extracted the username and hash from the password file and saved them in variables. Next comes the call to the testPass function.

(2) testPass :-

salt = cryptPass[0:2] :- As mentioned at the start, the first two characters are the salt, so we extract the salt from the hash and save it in the variable salt.

dictFile = open('dictionary.txt', 'r') :- Opens the dictionary in read-only mode.

for word in dictFile.readlines(): :- Iterates over the words in the dictionary.

word = word.strip('\n') :- Removes the trailing newline character (\n) from the word read from the dictionary file.

cryptWord = crypt.crypt(word, salt) :- Generates a Unix hash from the dictionary word and the salt we extracted from the hash.

if cryptWord == cryptPass: :- If the calculated hash and the hash in the password file match, it prints "Found Password" on screen; otherwise the for loop continues with the remaining words in the dictionary file.


Usage of script

chmod +x script_name.py

./script_name.py